Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

kogus writes "LoJack is licensing its brand name to Absolute Software, which provides Computrace -- soon to be known as the 'LoJack for Laptops' line of computer theft recovery systems. When a stolen Computrace-equipped system is connected to the Internet, it automatically and silently sends locating data to Absolute Software, which then calls out the law. In some cases, Absolute Software customers are eligible for a $1,000 guarantee payment when a stolen system is not recovered within 60 days.

Likely this would be on firmware; wiping the drive would be pointless (and probably past the abilities of most crackheads anyways - wiping the drives means a reinstall before resell).
Blocking outgoing traffic on a possibly random port with a firewall isn't as easy to do as you'd think.

It sure as hell is. You block everything except the few things you know you need or want. Most Win32 home firewalls also allow you to block specific applications.

It's rather trivial, actually.

And anybody who's going to swipe a laptop will probably wipe the drive with a reinstall because they won't be able to log into the system to poke around (unless they intend on hacking the login; again a rather trivial task once you have physical possession).

You probably want http, so the firmware could do http://www.laptopjack.com/report.pl?laptopid=AF314 229B2C&gps=55N33E [laptopjack.com] or whatever the hell it sends. If the result comes back "you've been stolen!" it halts the computer and prints FBI! on the screen or whatever. If theres no network or the laptop is not stolen yet, it boots normally and waits until next time.

The whole logic could be embedded in a boot rom on the card, with DHCP and all. Or, if you custom-made the ethernet card, it could even store the last IP address and gateway, and use that next time you boot if DHCP failed. You could even theoretically set it to do this every few hours or something when the network is idle-ish, so that if someone nabs it while its running and keeps it on all the time, it still gets a chance to report.

If you wanted to be REALLY tricky, you could hit other sites first and test for the presence of proxies or what not, then go through a few options, like SSL client authentication using a stored certificate to identify the laptop if a direct connection can be established. Or using just normal client SSL if a proxy that will allow it is detected. Or last ditch, http:

Since the site itself tells me that this is nothing more than software, and that replacing an internal NIC (which almost every laptop sold today has) is prohibitively expensive (in most cases requiring a modified motherboard), I'll reiterate my comment about the blocking/discovery being quite trivial.

Set up a non-Internet-connected pen and see what tries to get out of your fully locked down firewall system. Remove offending code. Rinse, repeat.

2. If your laptop is stolen, by the time it manages to report it to the police, it will be too late.

Too late for what? For recovery? No. For prosecution of the thief? Probably. For prosecution of the moron who bought it and knew it was stolen? No.

It's unlikely anyone but the last buyer will even attempt to connect it to the Internet. So whether the police uses 12 weeks or 4 months to get to him doesn't matter much, they will still find the laptop, and someone to put in jail.

On the other hand, the mechanism only works on idiots. If I were to buy a stolen laptop (not that I'm into that kind of thing anyway), I would of course wipe it clean, just as I do with any other new or used computer that gets into my hands...

If I were to buy a stolen laptop (not that I'm into that kind of thing anyway),

Why do you assume the buyer is aware they've just purchased a stolen laptop?

If I were a laptop theif I don't really imagine my target market is people who want stolen laptops (unless I steal so many I use a fence)... I imagine it's the ebay crowd, and perhaps I'm rebranding them as company used decommissioned laptops to explain the pre-installed crap. Or maybe I'm at a swap meet dumping them relatively cheap etc.

I just did that for real last week. Some guy came over and wanted to know how to tweak/dev/ethX settings (ethtool). Well, I was showing him (he's just getting into administering Linux stuff) and then I said if you ever need to bring an interface down you do this...and then I did it. On a box I was ssh'd into. Had to go down 6 floors into the test-lab to connect my laptop to the console port and bring the interface back up... Thank God it was only a lab box.

Computrace AgentThe Computrace agent is a small, software client that resides on the hard drive of host computers and enables Absolute's services. Easy to install and unobtrusive to the end-user, the agent requires minimal bandwidth in its communications to the Monitor Center.

I suspect it isn't intended for people concerned just about losing the hardware, but actually the data that is on the machine.

If someone steals a machine with the intent to stealing confidential information (god knows what people store on their laptops these days) then this sytem might be worth the money.

Regardless of intended use its more likely that someone in this line of espionage would know about this software and have a disconnected LAN they can use to dissect the machine on, and if its just simple

If you're worried about the data, then you should protect that, not the hardware. Have the system thoroughly encrypted locked to biometric data. Then have it keep back ups of critical data on a secure remote server. Then if you're laptop gets stolen, no big deal, they can't get the data and you've not lost much.

If I steal a laptop for the data on it the first thing I'm going to do remove the hard drive then trash the laptop. It's harder to trace a hard drive than the laptop. Then I'm going to hook the harddrive up to a decicated computer and mount it instead of putting it into another computer and booting off of it.

"You['re] right, security is an illusion, and some people prefer to turn a blind eye rather than look at the root cause."

You were ranting on about data / network security which is a little different than physical security. Try and guess where most laptops are physically stolen from? Give up? The airport where bagage handlers are usually the guilty party. Not too long ago they made a whole slew of arrests here in my city of bagage handlers who stole laptops, cameras, camcorders, etc.. from pe

reminds me of the security of Thinkpads (thumbprint), which in turn reminds me of a car with such a lock in...Malaysia I think it was... where the carjackers merely cut off the owner's thumb as a means to defeat security. When in doubt, use a bigger machete....

"Nice illusion of security....wonder how many people will fall for it."

Depends on what kind of thief we're talking about.I shouldn't have to go into that kind of detail, though. Just because one can semi-easily get around it doesn't mean it's worthless. I mean, that'd be like saying "Welp, why bother locking the door? They'll just break the window."

Let's talk about reality for a moment: It has been widely known, for DECADES, how to avoid leaving fingerprints at the scene of a crime. Despite being b

Fine, so we get the numbnuts who lost it to file the report and give us the report number.

"Okay, yes... we have recieved a call home from the laptop, and we know where it is!"

Great! Now when do we get it back?

"Wellll, you cant..."

and it just got worse from there. The police wouldn't retrieve the laptop, and these clowns wouldn't tell us where the machine was. But at least we knew:

- it was in fact stolen and not in the hands of the numbnuts employee- it was in fact connected to the internet, being used, right then- we couldn't get it back- someone was at least enjoying their brand new laptop...

I also wondered about that as well, so I jumped on the website and did a bit of research before posting here.

FROM FAQ

Q. Can ComputracePlus be detected?

A. On most PCs, the Computrace Agent, which powers ComputracePlus, is silent and invisible and will not be detected by looking at the disk directory or running a utility that examines RAM. On many PCs - depending on their operating system - the Agent cannot be erased off the hard drive by deleting files because it is not visible in file directories. The Agent can survive a hard drive re-format, F-disk command and hard drive re-partitioning. The Agent can be removed by an authorized user with the correct password and installation software.

On a Mac system, it is very difficult for a standard user to deliberately or accidentally delete the Agent as the files cannot be deleted by anyone other than the root user.

Q. What happens if a computer's hard drive is removed?
A. The Computrace Agent resides on a computer's hard drive so if the drive is removed and installed on another computer, the Agent will initiate contact with the Monitoring Center at its next scheduled call. It will then report its new location. The original computer will no longer be protected.

should build this into the hardware or the bios. i know if i stole a computer i wouldn't be in a rush to plug into the internet. unless of course it's a windows machine, in which case i've got a good solid 12 minutes to play around with it.

There is no problem with using consecutive line numbers. If you need to insert a line between two other lines, use fractional line numbers.

5½ GOTO 3.1

No renumbering required, problem solved!

Yes, I know what you are thinking: what if we run out of fractions? Don't worry though! In such emergencies, you can start using irrational line numbers. There are tons of those, so you will never run out. This does tend to increase the size of the program considerably, so they should only be used as a last resor

How would one report if a laptop is stolen?
How easy would it be for a thief to remove this after stealing said laptop (before connecting it to the computer)?
How will the law know where to go (geographic IP location can't be THAT accurate, can it?)
How much of a performance hit will this add to normal use?

I got the inside track on this. Here is a sample of the data chatter from a stolen notebook to the LOJack server:

<LOJACK_Loc_DATA>HELP ME!!!!</LOJACK_Loc_DATA>
<LOJACK_Loc_DATA_Response>What seems to be the problem?</LOJACK_Loc_DATA_Response>
<LOJACK_Loc_DATA>I've fallen....AND I CAN'T GET UP!!!</LOJACK_Loc_DATA>
<LOJACK_Loc_DATA_Response>Where are you? Can you describe your location?</LOJACK_Loc_DATA_Response>
<LOJACK_Loc_DATA>HELP ME!!!!</LOJ

TFA is remarkably lacking in technical details, so I looked at LoJack's site, which doesn't mention a thing about this. So - is this a hardware solution, or a program that gets installed into an existing OS? If the latter, well, how useful is that? While the slashdot crowd and the laptop-stealing crowd probably don't have a whole lot of overlap, I can't see someone not just re-installing the OS to wipe the system in any case.

The spyware and firewall questions seem important as well - if this is just a "Hey, this is box XYZ and I'm at this IP address", talking to lojack's servers, well, fine, but how does the end-user know that they haven't blocked that with their firewall?

I'd love to see something technical on this, rather than some stock-tip-guy's interpretation.

...and it is useless. It is an application (not firmware) that is installed into the disk's MBR. It also requires a Windows OS. So, in a nutshell: if you reinstall Windows it will not kill computrace. Reformatting the MBR or installing a *NIX OS will kill it, however.

What does that mean?Is there some law organisation in the USA that you can call saying "my laptop has been stolen and it is now on the internet at address 333.444.555.666" which will then go out to locate your laptop and return it to you??

It is an example.But I think it would be useless here to report something like this to the police. They will put your report on some stack of "nice things to do should we have some time left" and it will be assigned zero priority.

Is there some law organisation in the USA that you can call saying "my laptop has been stolen and it is now on the internet at address 333.444.555.666" which will then go out to locate your laptop and return it to you??

Well sonny I work for these here boys, and when I get a tellygram, I hop on my trusty steed 'Mac', and he and I head on down to russle me up some lappies. 'casionally I hook up with m' associate Ping; she's a real darlin' and knows how to ferret out the sneakiest son-of-a-guns, even them C

If you don't have physical control, you don't have security. Okay, strong encrypted data may be safe from prying eyes but how many people, after getting a stolen laptop back, boot it immediately and "check" everything? Can you say keylogger trojan?

Absolute Software may be guaranteeing $1,000 after 60 days if the laptop is not found, but you'd be surprised what that actually means.

I used to work for a computer store. We sold scores of laptop locks; all sorts of kinds of them. The Kensington locks sold like hotcakes because they had a $1,200 "guarantee" that the lock could not be compromised. The problem, we soon found out, is that the theif has to physically cut through the lock and leave behind the pieces. As we all know, some locks can be picked with even a bic pen [slashdot.org], and so a lot of good this "guarantee" did for some poeple. Some theives also just took the not-so-hard-to-steal item the laptops were attached too. (Lock it to a bed or desk people, please!)

No evidence to send in, no money back. I am willing to bet in this case there are similar loopholes for Absolute Software to play with.

Not sure what the costs involved are... but I doubt that this will be of much interest to the typical personal laptop owner. However, I can see this being bought up in bulk by companies as a sort of "insurance." In fact, their insurance rates would probably go down if all company laptops were equipped with this software. I think it makes sense for a business to try to protect their laptops this way. Employees are going to be less careful with a company laptop, as compared to their own personal laptop, and it might be important for the company to get the laptop back.

I think companies would be even more interested if there was a "kill-laptop" feature. So if the owner of the laptop goes to the IT department and says "my laptop was stolen!" (or lost), then they activate a flag so that when the laptop makes its secret connection, it receives a signal to erase itself, thereby protecting valuable company data. For many companies, protecting the data on the laptop might be more valuable than the laptop itself.

On the flip side, I would think that most people who steal laptops are going to wipe them or snoop around in them for awhile before connecting to the net and surf for porn. So this should hardly be viewed as a perfect solution for catching thieves (although WiFi certainly helps).

On the flip side, I would think that most people who steal laptops are going to wipe them or snoop around in them for awhile before connecting to the net and surf for porn. So this should hardly be viewed as a perfect solution for catching thieves (although WiFi certainly helps).

I beleive thinkpads can be configured to encrypt the hard drive and require a bios password every time you power it up. Not sure how effective the hard drive encryption is, but Intel relies on this mechanism for keeping their company data secure.

Come on Slashdot. What is this, news for AOL users? This kiddie crap. Yes, most thieves will just boot the computer with Windows and try to get on the net. But this is Slashdot. We're nerds or something. And this ain't F***ing news. If I got a laptop that was stolen, hell if it was used, I would format it:

From the website: www.absolute.com

Q. Can Computrace Personal be removed?A. The Computrace Personal software is a low-level utility that is as tamper resistant as a disk-based utility can be. The software can only be removed by an authorized user with the correct password so please be sure the password is stored in a safe location and not on the protected computer.

Q. What happens if a computer's hard drive is removed?A. The software resides on a computer's hard drive so if the drive is removed the computer will no longer be protected and can not be located if stolen or lost.

..then use fdisk to wipe the disk. Really, am I missing something here? (Other than a possible BIOS setting to force boot from internal HD in preference to CD/USB/Floppy/LAN, which can always be gotten around).Oh, I get it - it's just designed to recover stolen laptops from non-slashdot readers;o)

There was a time when laptops were stolen due to their price, and possible resale value on the black market. I personally think we are now in a new era where laptop theft (at least the corporate type) is no longer about getting a shiney new powerbook, and possibly selling it off the back of a truck. Today laptop theft could be for the information contained on the hard drive. Now lets think about the componsation, if my HR director "loses" his/her laptop with important information about me/co-workers, is $1000 really going to cover the loss? No, not even close. 1K in most cases will not even cover the cost of the laptop. For my money, I want a techonology that will encrypt the contents of that hard drive, and be easy enough for an HR director to use.

So when the bank official looses his laptop with my bank data on it and the thief dumps the data to another system and reformats before it connects to the net then what do I get for my stolen identity?

It's not just stolen laptops that send information to their servers. Any laptop with this software installed sends periodic heartbeats to the computrace people.

Our PHB ordered it installed after getting a call from a golf buddy. It was ripped out a week later. The heartbeats contain enough [cleartext] information that the increased chance of the laptop being broken into, or the salesguy socially engineered using the info was deemed higher than the chance it'd ever be stolen.

I've been doing this for years using DynDNS's free dynamic DNS service. [dyndns.org] I run a client on all my machines that updates their IPs with dyndns's database. If my laptop disappears, I just look to see what mylaptop.dyndns.org resolves to.

How does the stolen computer know it's time to transmit the homing signal... unless it's always transmitting anytime you're connected to the internet?

I'm not entirely sure how the LoJack on cars works, but I seem to recall it requires you to report the theft, and then the cops/LoJack have some means for tracking the car's device. With a physical device, this might not require an always-transmitting approach so much as always-ready-to-transmit - that is, it could have enough battery power to start transmi

Simply put a small charge of explosives in the case and when it gets stolen, boom, check the news for "fence killed by stolen laptop", wait for the/. posting "innocent man killed by exploding Windows laptop", and comment here.

Literally. 10 years ago. I called them up and asked if they did laptops. They did not.

A better solution is to make it work like the car LoJacks - when the unit receives an "I'm stolen" message it replies with its location. Only major problem would be power - if a theif removed the batteries it could be a long time before some sucker replaced the batteries, and by then LoJack might've stopped broadcasting.

Of course, any kind of security won't work well if it can be disabled or removed without disabling

I've been thinking of anti theft protection for laptops recently, and the flaw in most software is that they assume you will somehow end up on a open network which isn't firewalled.

One way around that is to put in a celluar radio, not only will it allow net access almost anywhere where coverage exists, it can be used to call home and do lots of things easily. Perhaps port LinuxBIOS to the laptop (if you can get the docs) and set it to self destruct on bootup remotely, not sure if any trapping is possible v

.... which makes me question the wisdom of their guarantee policy. I'd imagine that will be revised very quickly when they realize most laptops reported stolen are not actually, and that those that really are won't "live" long enough to report themselves.

When a stolen Computrace-equipped system is connected to the Internet, it automatically and silently sends locating data to Absolute Software, which then calls out the law . . .

And the law proceeds, uninterrupted, with their donut break.

Seriously, "the law" doesn't pursue stolen cars all that aggressively. Instead, they say, "we'll take a report that you can turn in to your insurance company. What? You didn't have theft insurance? You're one dumb sonofabitch." The manufacturer implies that, once th

Hmm... for me, the first time I clicked through the link it quickly refreshed and asked me for my email address or login, yaddda yadda, but when I clicked on the link again, after having closed the first window, I got to the story without any trouble. your mileage may vary...
-t

Computrace AgentThe Computrace agent is a small, software client that resides on the hard drive of host computers and enables Absolute's services. Easy to install and unobtrusive to the end-user, the agent requires minimal bandwidth in its communications to the Monitor Center.

True enough. As with all security measures (lock, alarm system, etc.), it can be overcome by someone who is smart, and especially someone who is expecting the security measure to be there. I would think that alot of stolen laptops are re-formatted and re-sold within a day (without ever being connected to the net), and thus this utility is useless against those particular thieves. However, there are some thieves who may start using the laptop immediately, and may connect it to the net to do so (or maybe a Wi